
Easy Decision Diffie-Hellman Groups

Published online by Cambridge University Press:  01 February 2010

Steven D. Galbraith
Affiliation:
Mathematics Department, Royal Holloway University of London, Egham, Surrey TW20 0EX, United Kingdom, Steven.Galbraith@rhul.ac.uk, http://www.isg.rhul.ac.uk/~sdg/
Victor Rotger
Affiliation:
Universitat Politècnica de Catalunya, Departament de Matemàtica Aplicada IV (EUPVG), Av. Victor Balaguer s/n 08800 Vilanova i la Geltrú, Spain, vrotger@mat.upc.es

Abstract


The decision Diffie-Hellman problem (DDH) is a central computational problem in cryptography. It is known that the Weil and Tate pairings can be used to solve many DDH problems on elliptic curves. Distortion maps are an important tool for solving DDH problems using pairings, and it is known that distortion maps exist for all supersingular elliptic curves. An algorithm is presented here to construct suitable distortion maps. The algorithm is efficient on the curves that are usable in practice, and hence all DDH problems on these curves are easy. The issue of which DDH problems on ordinary curves are easy is also discussed.

Type
Research Article
Copyright
Copyright © London Mathematical Society 2004
